updated 11:25 pm EST, Sun November 29, 2009
Worm led others to develop a bank app redirect
The creator of an iPhone worm has been hired for a legitimate app development job at Mogeneration. Ashley Towns wrote the worm Ikee, a self-propagating program that switched a user's wallpaper to a picture of pop singer Rick Astley. The worm was allegedly not malicious, however it soon lead others to use similar code to obtain bank account login information, according to the BBC. Towns claims he was simply trying to raise awareness of security issues with the iPhone.
The Rick Astley worm used an SSH exploit on jailbroken iPhones, which have removed Apple's protective measures in order to make changes Apple has not authorized. The worm used the default password, invading any iPhone that had not received a new password after the user completed the jailbreaking process.
The subsequent malicious worm surfaced using similar code to target iPhone users who bank with the Dutch financial institution ING. Infected devices would redirect the browser to a lookalike site, which then attempts to capture login information necessary for the hackers to access bank accounts.
"It leaves a nasty taste that he has been rewarded like this, yet has not even expressed regret for his actions," said Sophos' Senior Technology Consultant Graham Cluley. Mogeneration defends its actions by claiming Towns was hired only after completing an interview and passing an iPhone developer test.